Issue No. 54Jan 2017

IT Security, Spear Phishing-

What is It?

With computer and network hacking in the news lately, the term “Spear Fishing” has come to the limelight. This article defines what this is, and how this may affect your company. The latest twist on phishing is spear phishing. No, it’s not a sport, it’s a scam and you and your company are the target. Spear phishing is an email that appears to be from an individual or business that you know. But it isn’t. It’s from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC or company network. Learn how to protect yourself.

Email from a “Friend”

The spear phisher thrives on familiarity. He knows your name, your email address, and at least a little about you. The salutation on the email message is likely to be personalized: “Hi Bob” instead of “Dear Sir.” The email may make reference to a “mutual friend.” Or to a recent online purchase you’ve made. Because the email seems to come from someone you know, you may be less vigilant and give them the information they ask for. And when it’s a company you know asking for urgent action, you may be tempted to act before thinking.

Using Your Web Presence Against You

How do you become a target of a spear phisher? From the information you put on the Internet from your PC or smartphone. For example, they might scan social networking sites, find your page, your email address, your friends list, and a recent post by you telling friends about the cool new camera you bought at an online retail site. Using that information, a spear phisher could pose as a friend, send you an email, and ask you for a password to your photo page. If you respond with the password, they’ll try that password and variations to try to access your account on that online retail site you mentioned. If they find the right one, they’ll use it to run up a nice tab for you. Or the spear phisher might use the same information to pose as somebody from the online retailer and ask you to reset your password, or re-verify your credit card number. If you do, he’ll do you financial harm.

Keep Your Secrets Secret

How safe you and your information remain depends in part on you being careful. Take a look at your online presence. How much information is out there about you that could be pieced together to scam you? Your name? Email address? Friends’ names? Their email addresses? Are you on, for example, any of the popular social networking sites? Take a look at your posts. Anything there you don’t want a scammer to know? Or have you posted something on a friend’s page that might reveal too much?

Passwords That Work

Think about your passwords. Do you use just one or easy to figure out variations on just one? If you do either, you shouldn’t, because you’re making it easy for a scammer to get access to your personal financial information. Every password for every site you visit should be different, really different. Random letters and numbers work best. Change them frequently. Your Internet security software and operating system can help you keep track of your passwords.

Patches, Updates, and Security Software

When you get notices from software vendors to update your software, do it. Most operating system and browser updates include security patches. Your name and email address may be all it takes for a hacker to slip through a security hole into your system. And it almost goes without saying, you should be protected by Internet security software, and it should always be up to date.

Be Smart

If a “friend” emails and asks for a password or other information, call or email (in a separate email) that friend to verify that they were really who contacted you. The same goes for banks and businesses. First of all, legitimate businesses won’t email you asking for passwords or account numbers. If you think the email might be real, call the bank or business and ask. Or visit the official website. Most banks have an email address to which you can forward suspicious emails for verification.

Educate Your Employees

Educate your employees on the above. This includes on-going education and reminders as well, typically monthly or quarterly. Continued employee education is key.

Contact Us

Contact Us

Please complete the form below
and we will contact you shortly.

Name

Phone

Email

Name

This field is for validation purposes and should be left unchanged.

Testimonials

Testimonials

“We’re building a solid IT foundation to be able to go where we need to be for growth and success. I couldn’t be more pleased with KTS’s performance and progress on our IT Projects.”

Shawn Ellis, CFO Custom Logos

Testimonials

“Both company email migrations have were completed without a problem. Thanks to your team both transitions went smooth.Everyone with your group are both knowledgeable and professional, and you should be proud of the organization you are building.”

John Sonnen, IT & Security Director Child Safety Network

Testimonials

“We have been using KTS for our IT support for about a year now, and we are very pleased with the service we have received. Chris has been our first line person, and has been able to resolve issues quickly, and often remotely, which helps reduce costs. Our staff has really appreciated his fast response and resolution to the issues that have come up. We have also appreciated that there are other folks at KTS who can fill in if Chris is out. Thanks to all!”

Suzy Halleland, Executive Administrator Village Church

Testimonials

“I think you know we have been very happy with your service and are very grateful to have been referred to you guys. But on a more personal note, I want you to know that Kevin in your office has provided a service for us that is way over the top.”

Jeff Golumbuk, CEO Custom Logos

Testimonials

“I’m shooting you a quick note to let you know how pleased we (my office) have been with your service. It is a complete opposite of our past experience with other IT companies. Your team is not only responsive but quick in acknowledging and resolving these issues/requests. They are knowledgeable and pleasant. I also enjoy receiving emails when my office submits tickets.
It is nice to know that when something comes up it will be addressed. This allows me to worry about one le…

Manny Valdes, CSSC Ringler Associates

Testimonials

“I just wanted to thank you and your staff for the excellent service and work provided by KTS. It has been night and day compared to our old third party IT consultant.”

Nick Walters, VP Project Management West Coast General Corp.

Testimonials

“I wanted to let you know that I am absolutely delighted with the service we have received from you and your team so far. I know we put you in a tough position with such short notice of having to jump in and take over, and we really appreciated that.
But there are many other reasons as well. First, I’m so glad they discovered the hard drive problem right away, as that could have caused us a huge issue as you well know. Second, everyone that I’ve had the pleasure to work wi…

Jo Barsa, CPA Barsa & Company

Testimonials

“Our company had a recent office relocation. The transition could never have been as smooth without the support of KTS! You guys were awesome!”

Greg Garner, President San Diego Credit Association

Testimonials

“Kazmarek is fantastic! I’ve used every size of IT company over the past 20 years and Kazmarek is by far superior to all I’ve used. We are extremely happy with their service and expertise. One of the things I like most about them is that they have engineers available to respond to our prioritized needs but they also wanted to give us the best customer service possible so they went above and beyond and put in place an escalation plan so that if I feel the response time is …